platform/graphics/win/QTMovieWin.cpp:
(QTMovieWin::getNaturalSize): Call GetMovieNaturalBoundsRect, which
returns the movie's natural bounds (duh), rather than GetMovieBox,
which returns the movie's current displayed size/position.

The expected behavior for persistent storage when private browsing mode is undefined by the spec.
For now we're going with a "read-only when in private browsing" policy until we can get feedback
and/or get the behavior specified in the spec.

Note that I purposefully made the change to restrict SessionStorage to read-only, also, with the
understanding that the spec allows for SessionStorage to persist across relaunches, even though
our implementation currently doesn't do this.

dom/DOMCoreException.idl: Add some new ExceptionCodes defined in HTML5, one of which is needed
for LocalStorage changes (QUOTA_EXCEEDED_ERR)

dom/ExceptionCode.cpp:

dom/ExceptionCode.h:

storage/StorageArea.cpp:
(WebCore::StorageArea::internalSetItem): If private browsing is enabled, throw the QUOTA_EXCEEDED_ERR
exception as the spec allows.
(WebCore::StorageArea::internalRemoveItem): If private browsing is enabled, silently fail to remove
the item.
(WebCore::StorageArea::internalClear): If private browsing is enabled, silently fail to clear the area.

Standalone media documents can not always handle everything
using a <video> element. In these cases switch to an <embed>
element that uses the QuickTime plugin, in the hope that it
will have more luck. Typical media types that trigger this
are streamed media and QTVR.

Fix ScrollView's algorithm that determines whether or not to show scrollbars. There was a bug
with the method mainly because RenderView will size itself to the viewport's size, making it
impossible to really know the document's "true" size.

In order to solve this problem ScrollView now has a minimumContentsSize method. This method
returns the document size excluding the RenderView from the calculation. This width/height
is now cached on RenderView in m_docWidth/m_docHeight member variables.

Tests in http/tests/xmlhttprequest/web-apps were taking results from
platform/mac instead of LayoutTests, so added the values from LayoutTests
into platform/win, and removed a few tests from the skip list that are fixed
by the fix to platform/network/cf/ResourceResponseCFNet.cpp

Clean up repaint logic when RenderLayers become and stop being composited.

rendering/RenderLayer.h:

rendering/RenderLayer.cpp:
(WebCore::RenderLayer::rendererContentChanged):
(WebCore::RenderLayer::repaintIncludingNonCompositingDescendants):
New compositing-only method that repaints a layer and all its non-composited descendants.
Takes a repaintContainer for performance; all the repaints necessarily share the same
repaintContainer.

rendering/RenderLayerCompositor.h:

rendering/RenderLayerCompositor.cpp:
(WebCore::RenderLayerCompositor::updateLayerCompositingState):
Rather than use calculateCompositedBounds() to compute the repaint rect (which gave
the wrong answer when the composited layer tree was in flux), use the new
repaintOnCompositingChange() method.

(WebCore::RenderLayerCompositor::repaintOnCompositingChange):
Call repaintIncludingNonCompositingDescendants(), and if necessary make sure
that the view/layer drawing synchronization happens.

(WebCore::RenderLayerCompositor::computeCompositingRequirements):
Do a repaintOnCompositingChange() when a layer is going to be composited. This is
a good place because we haven't started to change the compositing tree.

(WebCore::RenderLayerCompositor::rebuildCompositingLayerTree):
After we've finished updating all the descendant layers, we can do a repaint for
layers that ceased compositing.

rendering/RenderThemeWin.cpp: Added new constants.
(WebCore::RenderThemeWin::getThemeData): On Vista, use the
CP_DROPDOWNBUTTONRIGHT part for drop down buttons.
(WebCore::RenderThemeWin::paintMenuList): On Vista, use the CP_BORDER
part to draw the border of <select>s.
(WebCore::RenderThemeWin::paintMenuListButton): On Vista, outset the
drop down button to make its border coincide with the <select>'s
border.

Added some double-checking to event handler marking. Now, when the
wrapper that's responsible for marking an event handler's JavaScript
function gets collected, it clears the event handler's JavaScript function
so we won't dereference it after it's collected.

In theory, we would never dereference a JavaScript event handler after
its node's wrapper was collected anyway, but it's nice to be safe.

runtime/UString.cpp:
(JSC::initializeStaticBaseString):
(JSC::initializeUString):
(JSC::UString::BaseString::isShared):
Encapsulate the meaning behind the refcount == 1 checks because
this needs to do slightly more when sharing is added.
(JSC::concatenate):
(JSC::UString::append):
(JSC::UString::operator=):

runtime/UString.h:
Make m_baseString part of a union to get rid of casts, but make it protected because
it is tricky to use it correctly since it is only valid when the Rep is not a BaseString.
The void* will be filled in when sharing is added.

Add constructors due to the making members protected and it make ensuring proper
initialization work better (like in SmallStringsStorage).
(JSC::UString::Rep::create):
(JSC::UString::Rep::Rep):
(JSC::UString::Rep::):
(JSC::UString::BaseString::BaseString):
(JSC::UString::Rep::setBaseString):
(JSC::UString::Rep::baseString):

fix <rdar://problem/6764359> Thai word selection misbehaves for the
last sentence in the document

Test: editing/selection/thai-word-at-document-end.html

editing/visible_units.cpp:

Added a BoundarySearchContextAvailability enum used to indicate
whether the caller to a boundary search function may be able to provide
additional text in the search direction and call again.

Added a named type for the boundary search function signature. Changed
the signature to take a context availability parameter and a boolean
out parameter indicating whether more context is needed to perform
the search.

(WebCore::previousBoundary): If the beginning of the range was reached

but the last search wanted more context, perform the search again, this
time indicating that there is no earlier text.

(WebCore::nextBoundary): Similarly, in the other direction.
(WebCore::startWordBoundary): Check whether more context may be available

Clean up the accelerated compositing code that determines the format of
the GraphicsLayer hierarchy, being more explicit about which parts have
to happen before and after descendant layers have been updated. Also remove
some unhelpful caching of state.

dom/Document.cpp:
(WebCore::Document::recalcStyle):
Only call updateCompositingLayers() if we know we're not going to be
doing a layout soon.

platform/graphics/mac/GraphicsLayerCA.mm:
(WebCore::GraphicsLayerCA::setDrawsContent):
Toggling drawsContent from false to true should do a setNeedsDisplay().

rendering/RenderLayer.cpp:
(WebCore::RenderLayer::styleChanged):
updateLayerCompositingState() no longer updates the layer geometry, so
do that here if we're not going to rebuild layers anyway.
Also, updateLayerCompositingState() no longer does a setContentsNeedDisplay,
so do that if the style change indicates that a repaint is required.

rendering/RenderLayerBacking.h:

rendering/RenderLayerBacking.cpp:
(WebCore::RenderLayerBacking::RenderLayerBacking):
(WebCore::RenderLayerBacking::updateAfterLayout):
The 'drawing optimizations' logic has been rolled into updateGraphicsLayerConfiguration()
and updateGraphicsLayerGeometry().

(WebCore::RenderLayerBacking::updateGraphicsLayerConfiguration):
Group that code that decides what GraphicsLayers are needed into this method,
which deals with clipping layers and 'direct compositing': images that can be
rendered via the compositor.

(WebCore::RenderLayerBacking::updateGraphicsLayerGeometry):
Call setDrawsContent() if updateGraphicsLayerConfiguration() didn't already
figure it out for image layers.

(WebCore::RenderLayerBacking::isSimpleContainerCompositingLayer):
Remove the m_simpleCompositingLayerStatusDirty cache indicator, since we just
computed it every time anyway.

rendering/RenderLayerCompositor.h:

rendering/RenderLayerCompositor.cpp:
(WebCore::RenderLayerCompositor::updateLayerCompositingState):
updateGraphicsLayers() was renamed to updateGraphicsLayerConfiguration(),
which calls clippedByAncestor() etc. itself rather than having everything passed in.
Repaints are taken care of by styleChanged() and setDrawsContent().

(WebCore::RenderLayerCompositor::calculateCompositedBounds):
!layer->isComposited() && layer->transform() is a synonym for paintsWithTransform().

g++ 4.4.0 seems to be more strict about aliasing rules, so it
produces incorrect code if dtoa.cpp is compiled with
-fstrict-aliasing (it also emits a ton of warnings, so fair enough
I guess). The problem was that we were only casting variables to
union types in order to do type punning, but GCC and the C
standard require that we actually use a union to store the value.

The problem was that a protected event listener's scope chain would end
up with a reference to the Node protecting it, causing a cycle. The
solution is to stop protecting event listeners and rely on marking instead.

This patch converts most Node event listeners to use marking instead of
GC protection.

bindings/js/JSDOMBinding.cpp:
(WebCore::isObservableThroughDOM):
(WebCore::markDOMNodesForDocument): Refactored the test for whether a Node
needs marking, and added a case for marking the node in order to mark its
event listeners.

Pull the call to updateGraphicsLayerGeometry() out of updateGraphicsLayers(),
because we need to call it at the end of rebuildCompositingLayerTree() once
we've determined which descendant layers are composited, otherwise
calculateCompositedBounds() can give the wrong answer.

Now that updateLayerCompositingState() doesn't end up calling updateGraphicsLayerGeometry(),
call that explicitly from styleChanged(), if we know a layer update is not pending,
and similarly from updateAfterLayout().

platform/graphics/mac/CoreTextController.cpp:
(WebCore::CoreTextController::offsetForPosition): Changed to use
cursorMovementIterator instead of characterBreakIterator, allowing this
function to return a valid cursor position even if it is not at
a character boundary.

LayoutTests:

Reviewed by Mark Rowe.

test for <rdar://problem/6757862> REGRESSION: Cannot use the mouse to
place the insertion point inside a Thai character

Don't update the document pointer for all inactive windows on navigations.
This change causes us to differ slightly from Firefox when accessing the
document from within a closure tied to a navigated context, but as all
browsers differ on this edge case, I don't foresee compatibility issues.

We were starting transitions with 0 duration and delay, which is
useless. With accelerated compositing on, this went through a code
path that tried to use m_toStyle, which never got set because the
transitions was short circuited before it had a chance to. So I
both protect against using that null pointer and avoid starting
the transition in the first place.

Use the window object the Location and History objects are directly associated with
instead of the lexical global object to pick the object prototype to serve as the
base of the their respective prototype chains.

Re-factor as necessary to allow passing the correct global object to the createPrototype
functions.

This fix essentially does a -viewWillDraw call for layout. It adds
a CFRunLoopObserver which performs layout just before drawing on the
Mac platform. This makes sure layout is complete before rendering and
avoids a flash.

platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
(WebCore::MediaPlayerPrivate::naturalSize): Use QTMovieCurrentSizeAttribute instead
of QTMovieNaturalSizeAttribute so we return the correct size for movies saved
with a non-default matrix.
(WebCore::MediaPlayerPrivate::setSize): Don't resize the QTMovieView
because [QTMovieView setFrame] also resizes the movie itself, and as
the renderer calls setSize immediately when a movie reports a size change
(QTMovieSizeDidChangeNotification) we can get into a feedback loop
observing the size change and resetting the size, and this can cause
QuickTime to miss correctly setting a movie's size when the media size
changes after opening (as happens with an rtsp movie once the server sends
the track sizes). Instead, remember the size passed to paint() and
resize the view when it changes.
(WebCore::MediaPlayerPrivate::paint): Resize the view when passed a new size.

platform/graphics/win/QTMovieWin.cpp:
(QTMovieWin::getNaturalSize): Use GetMovieBox instead of GetMovieNaturalBoundsRect
so we return the correct size for movies saved with non-default matrix.